openldap-bugs November 2024

openldap-bugs@openldap.org

1 participants
26 discussions

[Issue 9393] New: Provider a LDAP filter validation function
by openldap-its＠openldap.org 12 Nov '24

12 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=9393 Issue ID: 9393 Summary: Provider a LDAP filter validation function Product: OpenLDAP Version: 2.4.56 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: best(a)univention.de Target Milestone: --- In many situations I need to validate if a user submitted LDAP filter has valid syntax. It seems there is no official function to check this. Could you provide one? libraries/libldap/filter.c: ldap_pvt_put_filter() can be used as a basis. -- My current workaround is using a unconnected ldap connection and do a search with that filter. This yields a FILTER_ERROR (invalid filter) or a SERVER_DOWN error (invalid filter). See also: https://github.com/python-ldap/python-ldap/pull/272 -- You are receiving this mail because: You are on the CC list for the issue.

1 12

[Issue 9042] loglevel setting that allows seeing attribute values for MOD operations
by openldap-its＠openldap.org 12 Nov '24

12 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=9042 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|IN_PROGRESS |RESOLVED --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- • 4b8e60f8 by Ondřej Kuzník at 2024-10-25T20:02:19+00:00 ITS#9042 Log modify values under STATS2 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9914] New: Add OS pagesize to the back-mdb monitor information
by openldap-its＠openldap.org 12 Nov '24

12 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=9914 Issue ID: 9914 Summary: Add OS pagesize to the back-mdb monitor information Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The pagesize that back-mdb is using for pages should be exposed via the cn=monitor backend, as a remote client doing a query will not have that information available to it. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 10283] New: Search result internal error: mdb_opinfo_get: thread_pool_setkey failed err
by openldap-its＠openldap.org 12 Nov '24

12 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=10283 Issue ID: 10283 Summary: Search result internal error: mdb_opinfo_get: thread_pool_setkey failed err Product: OpenLDAP Version: 2.5.13 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: asilva(a)wirelessmundi.com Target Milestone: --- Hi, From time to time i got errors when perform searches and i need to restart the server to establish the service. This is the event log when it happens: Nov 08 10:07:39 main slapd[3946463]: conn=1780 fd=182 ACCEPT from IP=113.53.215.185:41404 (IP=0.0.0.0:389) Nov 08 10:07:39 main slapd[3946463]: conn=1780 op=0 BIND dn="cn=admin,ou=users,o=cptrabajosocial.local.com" method=128 Nov 08 10:07:39 main slapd[3946463]: mdb_opinfo_get: thread_pool_setkey failed err (12) Nov 08 10:07:39 main slapd[3946463]: conn=1780 op=0 RESULT tag=97 err=12 qtime=0.000027 etime=0.000159 text=internal error Nov 08 10:07:39 main slapd[3946463]: conn=1780 op=1 UNBIND Nov 08 10:07:39 main slapd[3946463]: conn=1780 fd=182 closed In the code i found: if ( ( rc = ldap_pvt_thread_pool_setkey( ctx, mdb->mi_dbenv, data, mdb_reader_free, NULL, NULL ) ) ) { mdb_txn_abort( moi->moi_txn ); moi->moi_txn = NULL; Debug( LDAP_DEBUG_ANY, "mdb_opinfo_get: thread_pool_setkey failed err (%d)\n", rc ); return rc; } and libraries/libldap/tpool.c i see that the error 12 (ENOMEM) is returned when MAXKEYS is reached: if ( data || kfree ) { if ( i>=MAXKEYS ) return ENOMEM; ctx->ltu_key[i].ltk_key = key; ctx->ltu_key[i].ltk_data = data; ctx->ltu_key[i].ltk_free = kfree; } else if ( found ) { clear_key_idx( ctx, i ); } Found an old mail about this issue: https://openldap-technical.openldap.narkive.com/Th0WLQYh/max-numbers-of-sub… In my setup I've configured 47 MBs databases, for contacts only, one for each company in the server, so they cannot see each others data. I can't understand how it happens and how to prevent it, is there any configuration i can set to avoid reach the MAXKEYS? Thanks, -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10257] New: Documentation assessment
by openldap-its＠openldap.org 11 Nov '24

11 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=10257 Issue ID: 10257 Summary: Documentation assessment Product: OpenLDAP Version: 2.6.8 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Created attachment 1031 --> https://bugs.openldap.org/attachment.cgi?id=1031&action=edit Admin guide assessment Last month I commissioned a tech writer to review the current 2.6 Admin Guide to see what needs to be worked on before the 2.7 release. I'm attaching the report here so we can reference it. Should have distributed it sooner but Life got in the way. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10280] New: Combining positive & negated filters doesn't work with dynlist
by openldap-its＠openldap.org 05 Nov '24

05 Nov '24

https://bugs.openldap.org/show_bug.cgi?id=10280 Issue ID: 10280 Summary: Combining positive & negated filters doesn't work with dynlist Product: OpenLDAP Version: 2.5.18 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: code(a)pipoprods.org Target Milestone: --- The directory contains 3 users & 2 groups. user1 is in group1, user2 is in group2, user3 isn't is any group. Filter [1] matches users that are either: - member of group1 - member of group2 ✅ It returns user1 & user2 Filter [2] matches user that are: - not member of group1 nor group2 ✅ It returns user3 Filter [3] should match users that are either: - member of group1 - member of group2 - not member of group1 nor group2 ❌ It should return the 3 users but only returns users matched by the first part of the filter (whatever the first part, if we swap both parts we get the complementary search results) Filter [1]: (|(memberOf=cn=group1,ou=example-groups,dc=example,dc=com)(memberOf=cn=group2,ou=example-groups,dc=example,dc=com)) Filter [2]: (!(|(memberOf=cn=group1,ou=example-groups,dc=example,dc=com)(memberOf=cn=group2,ou=example-groups,dc=example,dc=com))) Filter [3]: (|(memberOf=cn=group1,ou=example-groups,dc=example,dc=com)(memberOf=cn=group2,ou=example-groups,dc=example,dc=com)(!(|(memberOf=cn=group1,ou=example-groups,dc=example,dc=com)(memberOf=cn=group2,ou=example-groups,dc=example,dc=com)))) Here's my dynlist config: ``` dn: olcOverlay={2}dynlist,olcDatabase={1}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcDynListConfig olcOverlay: {2}dynlist olcDynListAttrSet: {0}groupOfURLs memberURL member+memberOf@groupOfNames structuralObjectClass: olcDynListConfig entryUUID: 7df8328a-fd72-103e-82df-6fed25d5f6c8 creatorsName: cn=config createTimestamp: 20240902122741Z entryCSN: 20240902122741.257759Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20240902122741Z ``` Here's a LDIF to initialise directory contents: ``` dn: ou=example-groups,dc=example,dc=com changetype: add objectClass: organizationalUnit ou: example-groups dn: ou=example-users,dc=example,dc=com changetype: add objectClass: organizationalUnit ou: example-users dn: uid=user1,ou=example-users,dc=example,dc=com changetype: add objectClass: inetOrgPerson cn: User sn: One uid: user1 dn: uid=user2,ou=example-users,dc=example,dc=com changetype: add objectClass: inetOrgPerson cn: User sn: Two uid: user2 dn: uid=user3,ou=example-users,dc=example,dc=com changetype: add objectClass: inetOrgPerson cn: User sn: Three uid: user3 dn: cn=group1,ou=example-groups,dc=example,dc=com changetype: add objectClass: groupOfNames cn: group1 member: uid=user1,ou=example-users,dc=example,dc=com dn: cn=group2,ou=example-groups,dc=example,dc=com changetype: add objectClass: groupOfNames cn: group2 member: uid=user2,ou=example-users,dc=example,dc=com ``` -- You are receiving this mail because: You are on the CC list for the issue.

1 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs November 2024